The Myth of Computer Security

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
Computer security is a myth, antivirus software can’t protect us, we are all going to die and you can blame your computer.

Let me tell you about a myth, a story, a fable that's been concocted and perpetuated by certain media groups. It's a story about how—with proper protection—your computer is immune to cyber attacks, viruses and other malware. That's the story but it's not true. I'm talking about the myth of computer security.
Click to expand...
 
As long as you avoid the dreaded ID-10T error that things should be pretty solid
 
I'm inclined to believe him since my computer is invaded by pr0n every day. :eek: :p
 
The computer can be perfectly safe, as long as you don't plug in any of those pesky cables that come out the back of it.

For the average user, they are their own worst enemy when it comes to security.
 
Hop-Scotch said:
The computer can be perfectly safe, as long as you don't plug in any of those pesky cables that come out the back of it.

For the average user, they are their own worst enemy when it comes to security.
Click to expand...

But it says I have a virus. I should spend $34.95 and clean my PC.
 
"Hey dude, i went to one of those sites you hate so much to watch some (streaming) anime and now I keep getting pop up, even when I don't have a browser running (and I may have clicked on one of those pop ups). Can you fix that for me?"

(actual phone call)

...what followed was a series of insults I don't even deem proper for [H]. Even with anti-virus, anti-malware and a good firewll, nothing can protect a computer from a stupid user.
 
Is this any different than individual security? All we can do is take precautions to lessen the likelihood.
 
Hop-Scotch said:
You plugged in a cable didn't you.........
Click to expand...

No, but when I clicked on the blue E symbol on my desktop, it ran some wireless wizard thing, and some how found the internets at my apartment complex. ;)



No such thing as true internet security aside from abstinence. However things like safe browsing habits, firewalls, antivirus, not running as root/admin, UAC, and sandboxes do reduce the risk quite a bit. Use them, and your head, and chances are good that your problems will be few and far between.
 
If you didn't plug in any cables you shouldn't see anything or be able to click anything. We are back to user error.
 
"Apple is immune"???!? Anyone else see that? Totally negated everything else in the article, to me.
 
Blyss+ said:
"Apple is immune"???!? Anyone else see that? Totally negated everything else in the article, to me.
Click to expand...

Immunity via obscurity doesn't work any more, seeing as how apple systems have been the first to go down in the Pawn To Win competitions for the last few years...
 
Another useless cyber rambling that makes the author sound like she knows what she's talking about until you get to the end and they have no solutions to the problems they discuss.

IT journalism is beyond useless.
 
AceGoober said:
I'm inclined to believe him since my computer is invaded by pr0n every day. :eek: :p
Click to expand...

Then you ask it to leave and it just makes all these excuses like how it's car is acting up and how it will clean up the apartment while you're gone and get groceries.

Then you get home and the apartments a mess, theres no groceries, and there's a guy named chez sitting on your couch in your bathrobe snorting lines off the coffee table and you're wondering how you ever let pr0n into your computer in the first place.
 
And it looks like this person didn't read the stuff from Symantec the other day that said its not the technology that hackers are attacking these days, it's the user.

With all the above said, there are people who will - rightly – say that none of this applies to Apple or Linux machines. At the time of this writing, it's true.

Sigh.:(
 
Pfft. I've been rocking a router firewall with MAC filtering and WPA encryption for years. Nothing else.

No problems. Ever.

My brother on the other hand has managed to bork a Christmas laptop within hours of opening it. His desktop has been sitting on the floor of my computer room for months. I don't even want to give it power to turn on and take over the house.
 
Bgrngod said:
Pfft. I've been rocking a router firewall with MAC filtering and WPA encryption for years. Nothing else.

No problems. Ever.

My brother on the other hand has managed to bork a Christmas laptop within hours of opening it. His desktop has been sitting on the floor of my computer room for months. I don't even want to give it power to turn on and take over the house.
Click to expand...

For the 1000th time, MAC filtering is useless. The only people it protects against are the kinda people who wouldn't know how to brute force your key in the first place. All you have to do is sniff client MAC's from the air and then clone them on your own wireless card. MAC broadcasts are always unencrypted so anyone can find out the wireless MAC's on your computers. Here more info: http://www.maxi-pedia.com/how+to+break+MAC+filtering
 
Whitelisting is the only way to protect clueless users. Hopefully more effort is put into this type of security software.
 
niconx said:
For the 1000th time, MAC filtering is useless. The only people it protects against are the kinda people who wouldn't know how to brute force your key in the first place. All you have to do is sniff client MAC's from the air and then clone them on your own wireless card. MAC broadcasts are always unencrypted so anyone can find out the wireless MAC's on your computers. Here more info: http://www.maxi-pedia.com/how+to+break+MAC+filtering
Click to expand...

I feel that the only real way is to use RADIUS.....if only it wasn't a god damn pain in the ass to setup.
 
" I love McAfee "

a.k.a. we can safely ignore anything that particular author has to say about computer security.
 
That was a really badly written article. He is right that McAfee Enterprise is a better product that their home edition, however their most recent take down of corporate America is not their only one. I have twice had to deal with updates from them, that destroyed proprietary software, even though it was tested before being deployed. While not perfect, I recommend ESET to most of my corporate clients, it tends to capture more undefined viruses and doesn't reset software scan exceptions when you update it. That aside, security must be addressed as a multi-layered monster. Client-side anti-virus, should only be seen as a last resort protection.
 
Navilor said:
Want to really feel inadequate with regards to security?
http://theinvisiblethings.blogspot.com/

A few examples:
Ring -3 Rootkit

Proof of concept code for exploiting the ring -3 rootkit

Attacking SMM Memory via Intel® CPU Cache Poisoning

Remotely Attacking Network Cards (or why we do need VT-d and TXT)

In other words we can get pwned so hard we'll never know it.
Click to expand...

It's interesting reading, just about all of it is way over my head though.

Computer security, is indeed a myth...it's like anything else, if someone wants to break into your home or car, they will. It's just a matter of determination, and time and effort. You can have a fancy alarm system, (basically any PC antivirus/antimalware is just a alarm system anyway, removing the infection after it's already done damage.) But there's so many backdoors and other "malware" that is not detected by the majority of virus scanner's it's scary.

Multi factor authentication used for your online banking....please, it's a joke, and there have been several new breakthroughs in hacking these banking sites that I'm glad I belong to a small credit union, there's no way I would bank with a huge BoA or Wamu or whoever in today's world.

99% of people getting infected would be a non-issue if people would simply take the time to read and comprehend what their computer or web browser is telling them. Most of the virus infections HAVE to have user interaction of some kind...."oh yea, i wanted to watch this free movie online, and it said I needed to update my Adobe or whatever, and then I got all these popups..." well there you go...don't click on anything, don't install anything that you as a user didn't initialize. :cool:

There needs to be a standard security training course that is required for anyone using a computer, just like getting your driver's license, and it would be nice if people took 5 minutes and actually would learn the proper terminology for basic computer things....It takes me twice as long to figure out what the hell people are trying to say, when they don't listen or are too ignorant or whatever...

"ok, click on start"

- derrr....left click or right click? do i double click? where's the start button? what do you mean internet explorer, what's that? I use ATT/whatever ISP for internet....derrr....where's my icons.....what's foxfire??? :rolleyes::confused::mad:
 
The computer college i go to produced some pretty good hackers, system analysts, etc.

Their records are in printouts in a big room in the back. Slow? Yes, but it's simple and the most secure filing system they can come up with in a school full of hackers :D
 
srangara said:
Whooosh!

Seconded.
Click to expand...

Windows 7 Ultimate and Enterprise have AppBlocker which is exactly this, a white lister, can be controlled via Group Policy and is very straight forward. So the technology is in place in Windows, it would just need to be distributed to downstream versions of Windows.
 
heatlesssun said:
Windows 7 Ultimate and Enterprise have AppBlocker which is exactly this, a white lister, can be controlled via Group Policy and is very straight forward. So the technology is in place in Windows, it would just need to be distributed to downstream versions of Windows.
Click to expand...
I do miss my Group Policies.
 
heatlesssun said:
Windows 7 Ultimate and Enterprise have AppBlocker which is exactly this, a white lister, can be controlled via Group Policy and is very straight forward. So the technology is in place in Windows, it would just need to be distributed to downstream versions of Windows.
Click to expand...

Just for the record, it's AppLocker - not AppBlocker, but the point is made... ;)
 
Hop-Scotch said:
The computer can be perfectly safe, as long as you don't plug in any of those pesky cables that come out the back of it.

For the average user, they are their own worst enemy when it comes to security.
Click to expand...

Not just cables. Thumb drives are also some of the worse culprit for transferring viruses. Best way to avoid thumb drive viruses are by not using AutoPlay to open things. Extra commands could be added to the INI file that'll run infected files on your computers. Just close the AutoPlay prompt and open the thumb drive in Computer (My Computer).
 
As long as people are dumb enough to install marlware, I'll make money by removing it. I'll stay smart. The rest can stay stupid.
 
I think the rule is always "problem is found between the keyboard and chair."

Virus don't kill computers.
Its people hired to write the virus from the $billion dollar anti-virus industry kills computers.
 
"this is hilarious! lol :p :p :p Distracting Beach Babes [HQ] Length: 5:32″"

You being a red-blooded horny person, you click on the link, accept an installation prompt, and – boom! – you're infected.
Click to expand...

where I stopped reading this garbage.
 
I was watching "I'm a mac" videos on YouTube. I noticed a lot of them go
Buyer - "I want a big screen."
PC - "We got that!"
Buyer - "And a powerful processor."
PC - "PCs have powerful processors!"
Buyer - "Oh, but I don't want to worry about viruses or get headaches."
PC - " :( ... get a mac."

It seems to me that Apple is being negligent (not to say outright lying to potential customers) as part of its corporate policy. It's not surprising that they'll parrot things like "Apples are perfectly safe", that's what the sales pitch consists of. Then they go and install tons of malware because they think they're being protected.
 
I think this was a big issue a few months (?!?!) ago with a long thread discussing this very type of thing with respect to Apple and their obfuscations about their own hardware and OS's actual security. One side of the argument would say that Apple never explicitly says "we don't get viruses, you're safe using our stuff" and the other side would argue "well, not technically word for word but, they're marketing the products as 'we don't get viruses or malware' when it's not 100% accurate, even if the language used to make the statement is completely done by implication."

Neither side wins, and consumers still end up being idiots caught up in the RDF and not doing educated research or anything at all.

Steve Jobs knows what's best for people - that's what Apple preaches, that's what Apple pundits shill out 24/7, that's what consumers buy along with the overpriced hardware and are under a false assumption that they are safe which couldn't be further from the truth.

Nobody is safe anymore, anytime, anywhere, for any reason. It's not just about computers...
 
All we need is a mass production of these

stop_computer_virus_ethernet_condom.jpg
 
Sikkyu said:
As long as you avoid the dreaded ID-10T error that things should be pretty solid
Click to expand...

this, esp with some of the new fake anti virus malware.

but I don't think that he gave full credit to the differences in design from Linux and windows. just by the way they are structured its usually easier to keep Linux secured. or rather it does not take the same amount of effort that windows does. that is not to say that linux is immune just that not only is less targeted it also harder to breach. (though with the more features they add the less this is going to remain true I think, I think the author has a point).
 
You must log in or register to reply here.
Back
Top